Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/1CyzKTSUGqvx3OyUAGR3OATmKOg.roa
File: 1CyzKTSUGqvx3OyUAGR3OATmKOg.roa (raw, json)
Hash identifier: rilnowcGuwus1/WRGp84aFZique0Bvm+3PulbRJ3ebM=
Subject key identifier: D4:2C:B3:29:34:94:1A:AB:F1:DC:EC:94:00:64:77:38:04:E6:28:E8
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 0196C3ED4A9A97FDEC7E47CA6CA80F941BF1
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/1CyzKTSUGqvx3OyUAGR3OATmKOg.roa
Signing time: Mon 12 May 2025 09:57:10 +0000
ROA not before: Mon 12 May 2025 09:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207551
IP address blocks: 89.35.53.0/24 maxlen: 24
117.55.199.0/24 maxlen: 24
194.164.87.0/24 maxlen: 24
202.181.153.0/24 maxlen: 24
203.28.15.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:ed:4a:9a:97:fd:ec:7e:47:ca:6c:a8:0f:94:1b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: May 12 09:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d42cb32934941aabf1dcec940064773804e628e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:66:5a:9c:be:2a:58:6e:c7:80:9a:1a:12:8d:
39:1b:29:6d:27:37:68:8e:53:38:d9:2c:f0:67:bc:
4c:93:93:32:99:98:7f:3c:df:bc:b7:17:6b:89:96:
3f:2a:a5:c6:66:6a:77:4d:10:b3:19:19:8e:56:f9:
c4:66:b3:3a:9a:24:b9:c7:e4:50:5d:a2:e5:f8:68:
b6:f0:90:00:2a:9d:11:75:d8:45:25:de:71:d8:74:
42:b0:25:16:48:39:42:fe:4a:c1:2b:ee:01:e6:23:
7d:c4:47:57:8c:ec:e4:ef:aa:9c:56:37:9c:bc:58:
77:c9:22:b6:9b:5d:80:61:36:f9:c9:ed:f7:92:ff:
7b:bd:4c:f5:ff:66:1a:1b:c3:7e:84:f4:2c:80:98:
7f:6d:3e:0a:c4:4a:5e:48:c8:aa:d8:85:16:21:91:
b1:b2:a5:f5:97:38:24:e1:eb:ef:ef:d4:e5:0d:0c:
b9:3c:86:8e:15:da:f3:d3:bd:07:0b:cb:37:ff:b3:
31:78:c2:8c:27:4e:bd:23:33:6e:7d:b3:8b:70:d7:
c5:48:b0:f7:7f:3d:21:59:ec:64:b9:46:7b:ce:fc:
fd:3f:83:45:21:30:94:94:06:83:9c:74:1d:7c:ab:
2a:4a:8f:0e:2a:d9:00:9b:3d:ef:8d:a3:a8:8d:22:
fb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2C:B3:29:34:94:1A:AB:F1:DC:EC:94:00:64:77:38:04:E6:28:E8
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/1CyzKTSUGqvx3OyUAGR3OATmKOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.53.0/24
117.55.199.0/24
194.164.87.0/24
202.181.153.0/24
203.28.15.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
c2:32:66:ee:55:1c:e7:b5:84:6a:ad:b5:b4:55:6a:b5:ca:5a:
30:93:88:da:b0:8b:e6:f0:14:af:6d:9c:ed:04:d4:1e:66:4d:
90:92:4a:08:08:f7:95:fe:31:87:1a:27:21:7b:0b:3e:e2:b9:
f8:c5:2c:07:14:87:88:fc:48:df:ff:30:37:fe:47:e1:5b:07:
41:4a:f9:1e:c2:ba:04:0e:02:e7:0d:af:59:8f:08:39:7c:ca:
1e:d3:01:c2:2f:9e:8d:cd:89:17:cf:be:2f:18:15:da:a9:a7:
96:7c:a0:32:2b:e5:a1:e5:bb:4e:5e:7e:3f:39:18:1c:80:09:
9b:0b:ba:0e:4e:4f:5f:65:eb:3c:ba:01:c0:1e:5b:c4:a2:8a:
b7:86:ce:84:b4:bb:0d:e7:0a:98:a8:b1:b5:1c:38:9c:46:6c:
fe:ae:1c:55:a5:1d:99:17:44:8a:3e:6a:1f:2d:2c:04:6e:ee:
b0:26:09:9d:7e:88:8e:c7:54:d2:a0:af:51:67:ec:4a:54:cd:
73:b1:c7:92:43:40:38:bd:bd:be:80:14:74:21:d2:bb:0d:03:
8c:0f:97:19:2c:86:8b:7f:82:ef:5d:6f:bf:03:e4:8a:d7:3f:
17:8f:10:2e:44:a8:12:6e:80:52:54:50:f4:77:b3:8c:df:61:
0c:00:38:0d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZbD7Uqal/3sfkfKbKgPlBvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjUwNTEyMDk1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDJjYjMyOTM0OTQxYWFiZjFkY2VjOTQwMDY0NzczODA0ZTYyOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGZanL4qWG7HgJoaEo05GyltJzdo
jlM42SzwZ7xMk5MymZh/PN+8txdriZY/KqXGZmp3TRCzGRmOVvnEZrM6miS5x+RQ
XaLl+Gi28JAAKp0RddhFJd5x2HRCsCUWSDlC/krBK+4B5iN9xEdXjOzk76qcVjec
vFh3ySK2m12AYTb5ye33kv97vUz1/2YaG8N+hPQsgJh/bT4KxEpeSMiq2IUWIZGx
sqX1lzgk4evv79TlDQy5PIaOFdrz070HC8s3/7MxeMKMJ069IzNufbOLcNfFSLD3
fz0hWexkuUZ7zvz9P4NFITCUlAaDnHQdfKsqSo8OKtkAmz3vjaOojSL7hQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNQssyk0lBqr8dzslABkdzgE5ijoMB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvMUN5ektUU1VHcXZ4M095VUFHUjNPQVRtS09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAWSM1AwQA
dTfHAwQAwqRXAwQAyrWZAwQAyxwPAwQA1AY1MA0EAgACMAcDBQMqECCAMA0GCSqG
SIb3DQEBCwUAA4IBAQDCMmbuVRzntYRqrbW0VWq1ylowk4jasIvm8BSvbZztBNQe
Zk2QkkoICPeV/jGHGichews+4rn4xSwHFIeI/Ejf/zA3/kfhWwdBSvkewroEDgLn
Da9Zjwg5fMoe0wHCL56NzYkXz74vGBXaqaeWfKAyK+Wh5btOXn4/ORgcgAmbC7oO
Tk9fZes8ugHAHlvEooq3hs6EtLsN5wqYqLG1HDicRmz+rhxVpR2ZF0SKPmofLSwE
bu6wJgmdfoiOx1TSoK9RZ+xKVM1zsceSQ0A4vb2+gBR0IdK7DQOMD5cZLIaLf4Lv
XW+/A+SK1z8XjxAuRKgSboBSVFD0d7OM32EMADgN
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:15:44 2025 by rpki-client